The bill focuses on enhancing election security in Washington State by establishing new cybersecurity requirements for county election offices. It mandates the adoption of the ".gov" top-level domain for all election-related websites and email communications to mitigate cyber threats. Additionally, it requires the partitioning of internal government networks to create a more secure environment for election infrastructure. The bill also stipulates that vendors supporting county or state cyber assets must immediately report any breaches or successful cyber attacks to the Secretary of State and the Attorney General to ensure prompt communication and response.

Furthermore, the bill amends existing laws to clarify the approval process for voting systems and components, ensuring that any modifications do not require a full reexamination unless necessary. It also mandates that counties install intrusion detection systems to monitor for malicious activity continuously. New provisions require immediate disclosure of security breaches by manufacturers and distributors of voting systems, as well as by county auditors and IT directors. The bill sets a compliance deadline of July 1, 2027, for implementing these cybersecurity measures, which include isolating ballot counting equipment from other networks and restricting data transfers to secure, single-use devices.

Statutes affected:
Original Bill: 29A.12.050, 29A.12.020
Substitute Bill: 29A.12.050, 29A.12.020
Engrossed Substitute: 29A.12.050, 29A.12.020
Bill as Passed Legislature: 29A.12.050, 29A.12.020
Session Law: 29A.12.050, 29A.12.020